Firewall Wizards mailing list archives

Q154596


From: BPM Mixmaster Remailer <remailer () bpm ai>
Date: Mon, 8 Nov 1999 02:00:07 -0800 (PST)

This may interest some of you...

Configuring RPC Dynamic Port Allocation to Work With Firewall 

--------------------------------------------------------------------------------
The information in this article applies to:

Microsoft Windows NT Server version 4.0

--------------------------------------------------------------------------------

IMPORTANT: This article contains information about editing the registry. Before you edit the registry, make sure you 
understand how to restore it if a problem occurs. For information about how to do this, view the "Restoring the 
Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.


SUMMARY
RPC dynamic port allocation is used by remote administration applications such as DHCP Manager, WINS Manager, and so 
on. RPC dynamic port allocation will instruct the RPC client to use a particular random port above 1024. 

Customers using firewalls may want to control which ports RPC is using so that their firewall router can be configured 
to forward only these TCP ports. 

The following registry entries apply to Windows NT 4.0. They do not apply to previous versions of Windows NT. 





MORE INFORMATION
The values (and Internet key) discussed below do not appear in the registry; they must be added manually using the 
Registry Editor.

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating 
system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use 
Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor 
(Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. 
Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update 
your Emergency Repair Disk (ERD).

With Registry Editor, you can modify the following parameters for RPC. The RPC Port key values discussed below are all 
located in the following key in the registry: 

HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Internet\

Key: Ports
Data Type: REG_MULTI_SZ

Specifies a set of IP port ranges consisting of either all the ports available from the Internet or all the ports not 
available from the Internet. Each string represents a single port or an inclusive set of ports (for example, "1000-1050" 
"1984"). If any entries are outside the range of 0 to 65535, or if any string cannot be interpreted, the RPC run time 
will treat the entire configuration as invalid. 

Key: PortsInternetAvailable
Data Type: REG_SZ, Y or N (not case-sensitive)

If Y, the ports listed in the Ports key are all the Internet-available ports on that computer. If N, the ports listed 
in the Ports key are all those ports that are not Internet-available. 

Key: UseInternetPorts
Data Type: REG_SZ, Y or N (not case-sensitive)

Specifies the system default policy. 
If Y, the processes using the default will be assigned ports from the set of Internet-available ports, as defined 
previously. 
If N, the processes using the default will be assigned ports from the set of intranet-only ports. 

Example: 

Add the Internet key under

HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc 


Under the Internet key, add the values "Ports" (MULTI_SZ), "PortsInternetAvailable" (REG_SZ), and "UseInternetPorts" 
(REG_SZ).

In this example, use ports 1025 through 1030, so the new registry key appears as follows:

Ports: REG_MULTI_SZ: 1025-1030
PortsInternetAvailable: REG_SZ: Y
UseInternetPorts: REG_SZ: Y 


Restart the server. All applications that use RPC dynamic port allocation will use ports 1025 through 1030, inclusive.




For additional information, please see the following articles in the Microsoft Knowledge Base:

Q167128 SMS: Network Ports Used by Remote Helpdesk Functions 

Q179442 How to Configure a Firewall for Windows NT and Trusts 



Additional query words: ephemeral com dcom com+ msmq enterprise 

Keywords: kbnetwork ntnetserv ntprotocol NTSrv 
Version: winnt:4.0
Platform: winnt 
Issue type        : 
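
Added example (not part of the original post or of the Microsoft article): a Python check that applies the article's rules for the Ports, PortsInternetAvailable and UseInternetPorts values before a firewall rule is built from them. The function names, the rejection of reversed ranges and the stripping of surrounding whitespace are assumptions of this example, not documented behaviour of the RPC run time.

```python
import re

# Added example; models the article's description, not the RPC run time itself.
_ENTRY = re.compile(r"(\d+)(?:-(\d+))?", re.ASCII)  # "1984" or "1000-1050"

def parse_ports(strings):
    """Expand REG_MULTI_SZ strings into a set of ports; any bad entry
    invalidates the whole configuration, as the article states."""
    ports = set()
    for s in strings:
        m = _ENTRY.fullmatch(s.strip())
        if m is None:
            raise ValueError(f"cannot interpret {s!r}")
        lo = int(m.group(1))
        hi = int(m.group(2)) if m.group(2) is not None else lo
        if not lo <= hi <= 65535:  # reversed range rejected (assumption)
            raise ValueError(f"{s!r} is outside 0-65535 or reversed")
        ports.update(range(lo, hi + 1))
    return ports

def _yes(value):
    v = value.strip().upper()  # Y or N, not case-sensitive
    if v not in ("Y", "N"):
        raise ValueError(f"expected Y or N, got {value!r}")
    return v == "Y"

def default_pool(ports, ports_internet_available, use_internet_ports):
    """Return (listed, restricted). restricted is True when the default
    policy draws from the listed ports, False when it draws from the
    ports that are NOT listed (so the list cannot be the firewall rule)."""
    listed = parse_ports(ports)
    # Listed ports are the Internet set iff PortsInternetAvailable=Y, and the
    # default uses the Internet set iff UseInternetPorts=Y.
    return listed, _yes(ports_internet_available) == _yes(use_internet_ports)

def to_ranges(ports):
    """Collapse a port set into sorted inclusive (low, high) ranges."""
    ranges = []
    for p in sorted(ports):
        if ranges and p == ranges[-1][1] + 1:
            ranges[-1] = (ranges[-1][0], p)
        else:
            ranges.append((p, p))
    return ranges

if __name__ == "__main__":
    listed, restricted = default_pool(["1025-1030"], "Y", "Y")  # article's example
    print(to_ranges(listed), "restricted" if restricted else "NOT restricted")
```

When restricted comes back False, the default allocations fall outside the listed ports, so a firewall rule that forwards only the listed range will not match what RPC actually uses.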


